head	1.5;
access;
symbols
	pkgsrc-2026Q1:1.5.0.10
	pkgsrc-2026Q1-base:1.5
	pkgsrc-2025Q4:1.5.0.8
	pkgsrc-2025Q4-base:1.5
	pkgsrc-2025Q3:1.5.0.6
	pkgsrc-2025Q3-base:1.5
	pkgsrc-2025Q2:1.5.0.4
	pkgsrc-2025Q2-base:1.5
	pkgsrc-2025Q1:1.5.0.2
	pkgsrc-2025Q1-base:1.5
	pkgsrc-2024Q4:1.4.0.2
	pkgsrc-2024Q4-base:1.4
	pkgsrc-2024Q3:1.3.0.4
	pkgsrc-2024Q3-base:1.3
	pkgsrc-2024Q2:1.3.0.2
	pkgsrc-2024Q2-base:1.3;
locks; strict;
comment	@// @;


1.5
date	2025.01.14.13.36.15;	author ryoon;	state Exp;
branches;
next	1.4;
commitid	MvMQk8Ck5L1ImsFF;

1.4
date	2024.10.29.14.33.40;	author ryoon;	state Exp;
branches;
next	1.3;
commitid	rFyx2KgbXw0S9zvF;

1.3
date	2024.04.06.08.54.54;	author ryoon;	state Exp;
branches;
next	1.2;
commitid	KfEW8l3B5oraU35F;

1.2
date	2014.05.30.10.22.05;	author pho;	state dead;
branches;
next	1.1;
commitid	pujOAy5YvcBW3yCx;

1.1
date	2014.05.28.10.08.18;	author pho;	state Exp;
branches;
next	;
commitid	T0lYh9vYX3Iv3iCx;


desc
@@


1.5
log
@www/firefox: Update to 134.0

Changelog:
134.0:
New

  * Firefox now supports touchpad hold gestures on Linux. This means that
    kinetic (momentum) scrolling can now be interrupted by placing two fingers
    on the touchpad.

  * Hardware-accelerated playback of HEVC video content is now supported on
    Windows.

  * Ecosia's availability has been expanded to all languages in the German
    region along with Austria, Belgium, Italy, Netherlands, Spain, Sweden and
    Switzerland.

Fixed

  * Various security fixes.

Changed

  * Firefox now follows the model HTML specification for transient user
    activation more closely. This change makes popup blocking less strict in
    cases where previous versions of Firefox were overly aggressive, reducing
    erroneous blocking prompts.

  * A refreshed New Tab layout is being rolled out to users in the US and
    Canada, featuring a repositioned logo and weather widget to prioritize Web
    Search, Shortcuts, and Recommended Stories at the top. The update includes
    changes to the card UI for recommended stories and allows users with larger
    screens to see up to four columns, making better use of space.

    Currently available in: Canada, United States
    [progressiv]

    This feature is part of a progressive roll out.

Security fixes:
Mozilla Foundation Security Advisory 2025-01
#CVE-2025-0244: Address bar spoofing using an invalid protocol scheme on
 Firefox for Android
#CVE-2025-0245: Lock screen setting bypass in Firefox Focus for Android
#CVE-2025-0246: Address bar spoofing using an invalid protocol scheme on
 Firefox for Android
#CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack
#CVE-2025-0238: Use-after-free when breaking lines in text
#CVE-2025-0239: Alt-Svc ALPN validation failure when redirected
#CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON module
#CVE-2025-0241: Memory corruption when using JavaScript Text Segmentation
#CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
 Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird
 128.6
#CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
 Firefox ESR 128.6, and Thunderbird 128.6
#CVE-2025-0247: Memory safety bugs fixed in Firefox 134 and Thunderbird 134
@
text
@$NetBSD: patch-netwerk_protocol_http_nsHttpHandler.cpp,v 1.4 2024/10/29 14:33:40 ryoon Exp $

* Do not freeze user-agent string as Linux under NetBSD.

--- netwerk/protocol/http/nsHttpHandler.cpp.orig	2024-12-26 14:27:48.719857849 +0000
+++ netwerk/protocol/http/nsHttpHandler.cpp
@@@@ -1063,6 +1063,8 @@@@ void nsHttpHandler::InitUserAgentCompone
   mOscpu.AssignLiteral("Linux armv81");
 #elif defined(XP_IOS)
   mOscpu.AssignLiteral("iPhone");
+#elif defined(__NetBSD__)
+  mOscpu.AssignLiteral("NetBSD x86_64");
 #else
   mOscpu.AssignLiteral("Linux x86_64");
 #endif
@


1.4
log
@www/firefox: Update to 132.0

Changelog:
132.0:
New

  * Microsoft PlayReady encrypted media playback is now being rolled out to
    select sites on Windows. Through this support, we are gradually rolling out
    a 1080p baseline and 4K Ultra HD support with key streaming partners. An
    added benefit is that viewers get less battery drain and better performance
    when streaming their favorite movies and shows.

    This feature is part of a progressive roll out.

  * Wide Color Gamut WebGL is now available for Windows and macOS users! With
    this support, Firefox is bringing a richer, more vivid range of colors to
    the videos, games, and images on your screen. This implementation currently
    supports wider color (P3) profiles in 8-bit.

  * WebRender hardware accelerated rendering is now enabled for most SVG filter
    primitives, improving performance for certain graphics-heavy content.
    Accelerated filters are feBlend, feColorMatrix, feComponentTransfer,
    feComposite, feDropShadow, feFlood, feGaussianBlur, feMerge and feOffset.

  * Added support for macOS?? new screen and window sharing selection features
    on macOS 15 and later. Support for macOS 14 will be added in a future
    release.

  * The macOS session resume feature has been enhanced. Firefox will now
    automatically relaunch if it was open before a system restart, like after
    an OS update.

  * Firefox now blocks third-party cookie access when Enhanced Tracking
    Protection's Strict mode is enabled.

Fixed

  * Various security fixes.

Changed

  * As a follow-up to our work to upgrade mixed content starting with Firefox
    127, HTTP-favicons will now also be blocked if they can not be received
    over HTTPS instead.

  * The Copy Without Site Tracking option is now grayed out when no known
    tracking parameters are found within the link. Additionally, more tracking
    parameter support has been added for websites such as LinkedIn and Shopee.
    Please report tracking parameters that aren't removed by filing a bug in
    Bugzilla.

Security fixes:
Mozilla Foundation Security Advisory 2024-55
#CVE-2024-10458: Permission leak via embed or object elements
#CVE-2024-10459: Use-after-free in layout with accessibility
#CVE-2024-10460: Confusing display of origin for external protocol handler
 prompt
#CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/
 x-mixed-replace response
#CVE-2024-10462: Origin of permission prompt could be spoofed by long URL
#CVE-2024-10463: Cross origin video frame leak
#CVE-2024-10468: Race conditions in IndexedDB
#CVE-2024-10464: History interface could have been used to cause a Denial of
 Service condition in the browser
#CVE-2024-10465: Clipboard "paste" button persisted across tabs
#CVE-2024-10466: DOM push subscription message could hang Firefox
#CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132,
 Firefox ESR 128.4, and Thunderbird 128.4
@
text
@d1 1
a1 1
$NetBSD: patch-netwerk_protocol_http_nsHttpHandler.cpp,v 1.3 2024/04/06 08:54:54 ryoon Exp $
d5 1
a5 1
--- netwerk/protocol/http/nsHttpHandler.cpp.orig	2024-10-18 13:19:10.000000000 +0000
d7 1
a7 3
@@@@ -1048,6 +1048,8 @@@@ void nsHttpHandler::InitUserAgentCompone
   mOscpu.AssignLiteral("Intel Mac OS X 10.15");
 #elif defined(ANDROID)
d9 3
a11 1
+#  elif defined(__NetBSD__)
@


1.3
log
@www/firefox: Add missing patch
@
text
@d1 1
a1 1
$NetBSD$
d5 1
a5 1
--- netwerk/protocol/http/nsHttpHandler.cpp.orig	2024-03-12 14:30:47.266423256 +0000
d7 4
a10 4
@@@@ -903,6 +903,8 @@@@ void nsHttpHandler::InitUserAgentCompone
   if (mozilla::StaticPrefs::network_http_useragent_freezeCpu()) {
 #  ifdef ANDROID
     mOscpu.AssignLiteral("Linux armv81");
d12 4
a15 4
+    mOscpu.AssignLiteral("NetBSD x86_64");
 #  else
     mOscpu.AssignLiteral("Linux x86_64");
 #  endif
@


1.2
log
@PR pkg/48840: Remove most patches that I have recently added

The preprocessor macro XP_MACOSX is misused everywhere. They tend to
say "#if defined(XP_MACOSX)" to actually mean
"#if defined(MOZ_WIDGET_COCOA)". It's okay to equate XP_MACOSX with
XP_DARWIN but equating it with MOZ_WIDGET_COCOA is just wrong. As a
result, cairo-gtk2 build on Darwin is completely broken and needs
heavy patching. Ideally they should be fixed individually but that
will be an extremely hard work, so don't define XP_MACOSX for now.
@
text
@d1 1
a1 1
$NetBSD: patch-netwerk_protocol_http_nsHttpHandler.cpp,v 1.1 2014/05/28 10:08:18 pho Exp $
d3 1
a3 1
nsCocoaFeatures is only available when the toolkit is cocoa.
d5 1
a5 1
--- netwerk/protocol/http/nsHttpHandler.cpp.orig	2014-05-06 22:56:20.000000000 +0000
d7 9
a15 27
@@@@ -57,7 +57,7 @@@@
 #include <windows.h>
 #endif
 
-#if defined(XP_MACOSX)
+#if defined(MOZ_WIDGET_COCOA)
 #include <CoreServices/CoreServices.h>
 #include "nsCocoaFeatures.h"
 #endif
@@@@ -671,7 +671,7 @@@@ nsHttpHandler::InitUserAgentComponents()
     "OS/2"
 #elif defined(XP_WIN)
     "Windows"
-#elif defined(XP_MACOSX)
+#elif defined(MOZ_WIDGET_COCOA)
     "Macintosh"
 #elif defined(MOZ_X11)
     "X11"
@@@@ -734,7 +734,7 @@@@ nsHttpHandler::InitUserAgentComponents()
             PR_smprintf_free(buf);
         }
     }
-#elif defined (XP_MACOSX)
+#elif defined (MOZ_WIDGET_COCOA)
 #if defined(__ppc__)
     mOscpu.AssignLiteral("PPC Mac OS X");
 #elif defined(__i386__) || defined(__x86_64__)
@


1.1
log
@PR pkg/48840: Don't assume cocoa toolkit just because OS_ARCH is Darwin
@
text
@d1 1
a1 1
$NetBSD$
@